Change Insecure Key To My Own Key On Vagrant

Nov 18, 2015

Vagrant changes the insecure key pair to randomly generated key on first setup by default. You may want to change the insecure key pair to your own key, not generated. Here is the steps for changing to your key.

Use multiple private keys

Let your keys are keys/private and keys/public.
You can set up the configuration like below to use two or more private keys.
The key that the box has at first is ~/.vagrant.d/insecure_private_key so you should append this default key.
Vagrant tries using private keys in order, so let your major key frist.

Do not generate a key

Vagrant generates a random key and insert to box and this random key is not in the private keys to use (set up above).
So you cannot login.
So we modify setting to not insert random generated key in the box, like this.

config.ssh.insert_key=false

Copy public key to VM

Let's copy the public key into the box. we can login with keys/private from now on.

Prevent access with plaintext password

You should set up one more thing. The box allows login with plaintext password so attacker can login with default username and password vagrant / vagrant. To disable it, modify the configuration file and restart sshd.